Information Security Risk Assessment

The IS Risk Assessment is accomplished using the risk analysis methods in accordance with the general guidelines of the National Institute of Standards and Technology (NIST) Special Publication 800-30 Revision 1, Guide for Conducting Risk Assessments. The IS Risk Assessment identifies current vulnerabilities, threat sources and discusses planned and recommended countermeasures to mitigate those operational risks. Information contained in the IS Risk Assessment will assist management in making informed decisions regarding the institution’s security posture. All factors presented within the IS Risk Assessment should be carefully reviewed and weighed before either accepting or rejecting the level of risk associated with continued system operations.